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REMARKS 

This Application has been carefully reviewed in light of the Final Office Action 
mailed August 23, 2005 ("Office Action"). At the time of the Office Action, Claims 1-26 
were pending in the Application. In the Office Action, the Examiner rejects Claims 1-26. 
Applicants cancels Claims 1-26 and adds new Claims 27-71. As described below, 
Applicants believe all claims to be allowable over the cited references. Therefore, 
Applicants respectfully request reconsideration and fiill allowance of all pending claims. 

Claims 27-34, 43-49. and 58-64 are Allowable over the Cited Art 

New independent Claim 27 recites: 

A method for preventing hostile use of computer resources by an 
application running on a workstation, comprising: 

providing a filter on a workstation for receiving intemal requests 
for computer resources resident on the workstation; 

receiving at the filter a request for access identifying a computer 
resource resident on the workstation, the request for access generated by 
an unspecified application downloaded to the workstation from a source 
external to the workstation, the unspecified application not identifiable in 
a pre-set list of hostile applications; 

determining whether the requested computer resource is on a list of 
one or more computer resources that are not accessible to unspecified 
applications; 

allowing access to the requested computer resource if the requested 
computer resource is not on the list; and 

preventing access to the requested computer resource if the 
requested computer resource is on the list. 

Applicant respectfully submits that the proposed Touboul-Hayman combination does not 
disclose, teach, or suggest the combination of features and operations recited in 
Applicants' Claim 27. 

For example. Applicants respectfully submit that the proposed Touboul-Hayman 
combination does not disclose, teach, or suggest "receiving at the filter [on a workstation] 
a request for access identifying a computer resource resident on the workstation, the 
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request for access generated by an xinspecified application downloaded to the workstation 
from a source external to the workstation, the unspecified application not identifiable in a 
pre-set list of hostile applications," as recited in new independent Claim 27, In the Office 
Action, the Examiner acknowledges that Touboul does not "explicitly disclose when 
unspecified application [run] on the workstation, preventing the application from 
accessing any resource directly." (Office Action, page 6). In fact, Touboul discloses an 
"internal network security system 110 [that] examines Downloadables received from 
external computer network 105, and prevents Dovmloadables deemed suspicious from 
reaching the internal computer network." (Column 3, lines 9-12). Thus, Touboul is a 
network based application designed to prevent hostile Downloadables from breaching the 
internal network. Accordingly, Applicant submits that Touboul can not be said to 
disclose, teach, or suggest that "the request for access [is] generated by an unspecified 
application downloaded to the workstation from a source external to the workstation" and 
that "the unspecified application [on the workstation] is not identifiable in a pre-set list of 
hostile applications," as recited in new Claim 27. 

Applicants further submit that this deficiency is not cured by the disclosure of 
Hayman, To the contrary, Hayman discloses "a security system for a computer system in 
which specific limitations are imposed on who has access to exactly what computer 
functions and data on the computer system." (Column 1, lines 48-51). Specifically, 
"different privileges [are assigned] to each user depending on the particular job which that 
user is to do on the computer system." (Column 1, lines 57-61). "Also, security labels are 
placed on each data file or other system resource, and on each user process." (Column 1, 
lines 62-63). "A hierarchy of labels is created ranging from highly secret to commonly 
accessible and strict polices are enforced by the security system based on these labels to 
determine who has what type of access to which data files or other system resource." 
(Column 1, line 63 through Column 2, line 1). "According to the invention, a range of 
these labels is assigned to a particular user process to define a clearance range in which the 
process is allowed to operate." (Column 2, lines 2-4). Accordingly, the Hayman system is 
limited to determining the permissibility of user-requested computer functions on a user- 
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by-user basis. As a result, Hayman also does not disclose, teach, or suggest "receiving at 
the filter [on a workstation] a request for access identifying a computer resource resident 
on the workstation, the request for access generated by an unspecified application 
downloaded to the workstation fi-om a source external to the workstation, the unspecified 
application not identifiable in a pre-set list of hostile applications," as recited in new 
independent Claim 27. 

Independent Claims 42 and 57 recite certain features that are analogous to those 
discussed above. For example. Claim 42 recites a workstation that includes "a memory 
operable to store one or more applications, at least one application comprising an 
unspecified application received from the network as a downloadable application, the 
unspecified application not identifiable in a pre-set list of hostile applications" and "a 
processor . . . operable to ... in response to a request received from the unspecified 
application, determine whether a requested computer resource is on a list of one or more 
computer resources that are not accessible to any unspecified applications." Claim 57 
recites logic operable when executed to "receive at the filter a request for access 
identifying a computer resource resident on the workstation, the request for access 
generated by an unspecified application downloaded to the workstation from a source 
extemal to the workstation, the unspecified application not identifiable in a pre-set list of 
hostile applications." Accordingly, for reasons similar to those discussed above, 
Applicants respectfully submit that the proposed Touboul-Hayman combination does not 
disclose, teach, or suggest each and every limitation of Applicants' Claims 42 and 57, 

For at least these reasons, Applicants respectfully request reconsideration and 
allowance of Claims 27, 42, and 57, together with Claims 28-34, 43-49, and 58-64 that 
depend fi"om Claims 27, 42, and 57, respectively. 

Claims 35-41, 50-56, and 65-71 are Allowable over the Cited Art 

New independent Claim 35 recites: 

DALO 1:874 1 92.1 



ATTORNEY DOCKET NO. 
063170.6607 



17 



PATENT APPLICATION 
09/622,959 



A method for preventing hostile use of computer resources 
by an application running on a workstation, comprising: 

providing a filter on a ^workstation for receiving internal 
requests for computer resources resident on the workstation; 

receiving at the filter a request for access from an 
application resident on the workstation, the request for access 
identifying a computer resource resident on the workstation, 

determining if the request for access has exceeded a pre-set 
threshold identifying a limited number of processes that may be 
initiated by the application; 

allowing access to the requested computer resource if the 
request for access has not exceeded the pre-set threshold; and 

preventing access to the requested computer resource if the 
request for access has exceeded the pre-set threshold. 

Applicant respectfully submits that the proposed Touboul-Hayman combination does not 
disclose, teach, or suggest each and every limitation of Applicants' Claim 35. 

For example, at a minimum, the proposed Touboul-Hayman combination does not 
disclose, teach, or suggest "receiving at the filter a request for access from an application 
resident on the workstation, the request for access identifying a computer resource resident 
on the workstation" and "determining if the request for access has exceeded a pre-set 
threshold identifying a limited number of processes that may be initiated by the 
application," as recited in new independent Claim 35, As discussed above, Touboul is 
limited to a network based application designed to prevent hostile Downloadables from 
breaching the internal network. Furthermore, for determining whether to allow or block a 
Downloadable, Touboul merely discloses that the following tests may be performed: (1) a 
comparison with known hostile and non-hostile Downloadables; (2) a comparison with 
Downloadables to be blocked or allowed per administrative override; (3) a comparison of 
the Downloadable security profile data against access control lists; (4) a comparison of a 
certificate embodied in the Downloadable against trusted certificates; and (5) a 
comparison of the URL fi-om which the Downloadable originated against trusted and 
untrusted URLS. (Column 2, lines 10-20). Accordingly, Applicant submits that Touboul 
does not disclose, teach, or suggest "determining if the request for access has exceeded a 
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pre-set threshold identifying a Hmited number of processes that may be initiated by the 
application/' as recited in new independent Claim 35. 

Applicants further submit that this deficiency is not cured by the disclosure of 
Hayman. As discussed above, Hayman discloses "a security system for a computer 
system in which specific limitations are imposed on who has access to exactly what 
computer functions and data on the computer system." (Column 1, lines 48-51). 
Specifically, "[a] hierarchy of labels is created ranging from highly secret to commonly 
accessible and strict polices are enforced by the security system based on these labels to 
determine who has what type of access to which data files or other system resource." 
(Column 1, line 63 through Column 2, line 1). "According to the invention, a range of 
these labels is assigned to a particular user process to define a clearance range in which the 
process is allowed to operate." (Column 2, lines 2-4). As a result, Hayman also does not 
disclose, teach, or suggest "receiving at the filter a request for access fi-om an application 
resident on the workstation, the request for access identifying a computer resource resident 
on the workstation" and "determining if the request for access has exceeded a pre-set 
threshold identifying a limited number of processes that may be initiated by the 
application," as recited in new independent Claim 35. 

Independent Claims 50 and 65 recite certain features that are analogous to those 
discussed above. For example. Claim 50 recites a workstation that includes a processor 
that "in response to a received request for access" is operable to "determine if the request 
has exceeded a pre-set threshold identifying a limited number of processes that may be 
initiated by an application." Claim 65 recites logic operable when executed to "receive at 
the filter a request for access from an application resident on the workstation, the request 
for access identifying a computer resource resident on the workstation" and "determine if 
the request for access has exceeded a pre-set threshold identifying a limited number of 
processes that may be initiated by the application." Accordingly, for reasons similar to 
those discussed above. Applicants respectfully submit that the proposed Touboul-Hayman 
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combination does not disclose, teach, or suggest each and every limitation of Applicants' 
Claims 50 and 65. 

For at least these reasons. Applicants respectfully request reconsideration and 
allowance of Claims 35, 50, and 65, together with Claims 36-41, 51-56, and 66-71 that 
depend from Claims 35, 50, and 65, respectively. 

The Proposed Touboul-Hayman Combination is Improper 

Assuming for purposes of argument only that the proposed combination discloses 
the limitations of Applicants' Claims 27-71 (which Applicants dispute above), the 
Examiner has not cited language in either reference or v^thin information commonly 
known to those skilled in the art that provides the necessary motivation or suggestion to 
combine these two references. Additionally, one of ordinary skill in the art would not 
have been motivated to make the proposed combination. 

The M.P.E.P. sets forth the strict legal standard for establishing a prima facie case 
of obviousness based on modification or combination of prior art references. "To 
establish a prima facie case of obviousness, three basic criteria must be met. First, there 
must be some suggestion or motivation, either in the references themselves or in the 
knowledge generally available to one of ordinary skill in the art, to modify the reference or 
combine reference teachings. Second, there must be a reasonable expectation of success. 
Finally, the prior art reference (or references where combined) must teach or suggest all 
the claim limitations." M.P.E.P. § 2142, 2143. The teaching, suggestion or motivation for 
the modification or combination and the reasonable expectation of success must both be 
found in the prior art and cannot be based on an Applicant's disclosure. See Id, (citations 
omitted). "Obviousness can only be established by combining or modifying the teachings 
of the prior art to produce the claimed invention where there is some teaching, suggestion, 
or motivation to do so found either explicitly or implicitly in the references themselves or 
in the knowledge generally available to one of ordinary skill in the art" at the time of the 
invention. M.P.E.P. § 2143.01 . Even the fact that references can be modified or combined 
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does not render the resultant modification or combination obvious unless the prior art 
teaches or suggests the desirability of the modification or combination. See Id, (citations 
omitted). 

The governing Federal Circuit case law makes this strict legal standard even more 
clear. ^ According to the Federal Circuit, "a showing of a suggestion, teaching, or 
motivation to combine or modify prior art references is an essential component of an 
obviousness holding." In re Sang-Su Lee, 277 F.3d 1338, 1343, 61 U.S.P.Q.2d 1430, 1433 
(Fed. Cir. 2002) (quoting Brown & Williamson Tobacco Corp, v. Philip Morris Inc., 229 
F.3d 1120, 1124-25, 56 U.S.P.Q.2d 1456, 1459 (Fed. Cir. 2000)). "Evidence of a 
suggestion, teaching, or motivation . . . may flow from the prior art references themselves, 
the knowledge of one of ordinary skill in the art, or, in some cases, the nature of the 
problem to be solved." In re Dembiczak, 175 F.3d 994, 999, 50 U.S.P.Q.2d 1614, 1617 
(Fed, Cir. 1999). However, the "range of sources available . . . does not diminish the 
requirement for actual evidence." Id Even a determination that it would have been 
obvious to one of ordinary skill in the art at the time of the invention to try the proposed 
modification or combination is not sufficient to establish a prima facie case of 
obviousness. See In re Fine, 837 F.2d 1071, 1075, 5 U.S.P.Q.2d 1596, 1599 (Fed. Cir. 
1988). 

In addition, the M.P.E.P. and the Federal Circuit repeatedly warn against using an 
applicant's disclosure as a blueprint to reconstruct the claimed invention. For example, 
the M.P.E.P. states, "The tendency to resort to 'hindsight' based upon applicant's 
disclosure is often difficult to avoid due to the very nature of the examination process. 
However, impermissible hindsight must be avoided and the legal conclusion must be 
reached on the basis of the facts gleaned from the prior art." M.P.E.P. § 2142. The 
goveming Federal Circuit cases are equally clear. "A critical step in analyzing the 



^ Note M.P.E.P. 2145 X,C. ("The Federal Circuit has produced a number of decisions overturning 
obviousness rejections due to a lack of suggestion in the prior art of the desirability of combining 
references."). 
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patentability of claims pursuant to [35 U.S.C. § 103] is casting the mind back to the time 
of invention, to consider the thinking of one of ordinary skill in the art, guided only by the 
prior art references and the then-accepted wisdom in the field. . , . Close adherence to this 
methodology is especially important in cases where the very ease with which the invention 
can be understood may prompt one 'to fall victim to the insidious effect of a hindsight 
syndrome wherein that which only the invention taught is used against its teacher.'" In re 
Kotzab, 217 F.3d 1365, 1369, 55 U.S.P.Q.2d 1313, 1316 (Fed. Cir. 2000) (citations 
omitted). In In re Kotzab, the Federal Circuit noted that to prevent the use of hindsight 
based on the invention to defeat patentability of the invention, the court requires the 
Examiner to show a motivation to combine the references that create the case of 
obviousness. See id See also, e.g., Grain Processing Corp. v. American Maize-Products, 
840 F.2d 902, 907, 5 U.S.P.Q.2d 1788, 1792 (Fed. Cir. 1988). Similarly, in In re 
Dembiczak, the Federal Circuit reversed a finding of obviousness by the Board, explaining 
that the required evidence of such a teaching, suggestion, or motivation is essential to 
avoid impermissible hindsight reconstruction of an applicant's invention: 

Our case law makes clear that the best defense against the subtle but 
powerful attraction of hind-sight obviousness analysis is rigorous 
application of the requirement for a showing of the teaching or motivation 
to combine prior art references. Combining prior art references without 
evidence of such a suggestion, teaching, or motivation simply takes the 
inventor's disclosure as a blueprint for piecing together the prior art to 
defeat patentability — the essence of hindsight. 

175 F.3d at 999, 50 U.S.P.Q.2d at 1617 (emphasis added) (citations omitted). 

In the Final Office Action, the Examiner acknowledges that Touboul does not 
disclose "when unspecified application runs on the workstation, preventing the application 
fi"om accessing any resource directly." (Final Office Action, page 6). The Examiner 
speculates, however, that "it would have been obvious ... to employ the use of preventing 
unspecified application from accessing any resource directly in the system of Touboul as 
Hayman teaches to effectively protect computer resoiirces." (Final Office Action, page 6). 
Applicants respectfully submit that the Examiner's summary conclusion amounts to mere 
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speculation and does not provide the suggestion or motivation necessary to make the 
proposed combination.^ The mere possibility that the security system of Hayman might 
improve the system of Touboul, as the Examiner asserts, does not even remotely provide 
the required teaching, suggestion, or motivation to modify the teachings of ToubouL 
Applicants respectfully submit that in making this unobvious leap the Examiner has used 
the type of hindsight reconstruction explicitly forbidden by the M.P.E.P. and Federal 
Circuit. 

Furthermore, Applicants respectfully submit that one of ordinary skill in the art at 
the time of Applicants' invention would not have been motivated to make the proposed 
Touboul-Hayman combination. Applicants acknowledge that Touboul and Hayman relate 
generally to security systems. Applicants respectfully submit, however, that this is both 
the beginning and ending of any similarity between the two references. Whereas Touboul 
relates a network-based application that prevents hostile applications from breaching an 
internal network (Column 3, lines 9-12), Hayman relates to determining the permissibility 
of user-requested computer functions on a user-by-user basis. (Column 1, line 48 through 
Column 2, lines 2-4). Thus, the solution proposed by Hayman (restricting access to files 
"so that only users who posses certain privileges can access to the file") is designed to 
prevent all users from having total access to the system. Furthermore, there is no explicit 
or implicit reference in either reference which would suggest to one of ordinary skill to 
combine the network-based security system of Touboul with the user-based system of 
Hayman. In this respect, Applicants respectfully submit that the references are non- 
analogous art and, because not related, an improper combination. 

For at least these reasons. Applicants respectfully submit that the proposed 
Touboul-Hayman combination is improper. 



^ If the Examiner is relying on "common knowledge" or "well known" art in support of his rationale for 
combining Touboul and Hayman, the Examiner is requested to produce a reference in support of his position 
pursuant to M.P.E.P. § 2144.03. If the Examiner is relying on personal knowledge to supply the required 
motivation or suggestion to combine Touboul and Hayman, Applicants respectfully request that the 
Examiner produce an affidavit supporting such facts pursuant to M.P.E.P. § 2144.03. 
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CONCLUSION 



Applicants have made an earnest attempt to place this case in condition for 
allowance. For the foregoing reasons, and for other reasons clearly apparent, Applicants 
respectfully request full allowance of all pending claims. 

If the Examiner feels that a telephone conference would advance prosecution of 
this Application in any manner, the Examiner is invited to contact Jenni R. Moen, 
Attorney for Applicants, at the Examiner's convenience at (214) 953-6809. 

Applicants enclose a check in the amount of $950.00 for additional claims. 
Applicants believe that no other fees are due. However, the Commissioner is hereby 
authorized to charge any fees or credit any overpayment to Deposit Account No. 02-0384 
of Baker Botts L.L.P. 



Respectfully submitted. 



BAKER BOTTS L.L.P. 
Attorneys for Applicants 




Jeiyii IR. Moen 
Refc4«Io. 52,038 



Date: October 21, 2005 



Correspondence Address: 
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